X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fenc.c;h=49338aca0fdc7ceeb6f3686589fb8ad59d41299c;hb=05c2b37176e15f86f2ca2f96745f5258aa9b1192;hp=35e33c70be29f4ba0edd0dd6d3ac09666a178ba6;hpb=b5929507e3aa8f359f272148609348d1f2433bf7;p=oweals%2Fopenssl.git diff --git a/apps/enc.c b/apps/enc.c index 35e33c70be..49338aca0f 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -65,6 +65,7 @@ #include #include #include +#include #ifndef NO_MD5 #include #endif @@ -79,22 +80,27 @@ int set_hex(char *in,unsigned char *out,int size); #define BSIZE (8*1024) #define PROG enc_main +int MAIN(int, char **); + int MAIN(int argc, char **argv) { + static const char magic[]="Salted__"; + char mbuf[8]; /* should be 1 smaller than magic */ char *strbuf=NULL; unsigned char *buff=NULL,*bufsize=NULL; int bsize=BSIZE,verbose=0; int ret=1,inl; unsigned char key[24],iv[MD5_DIGEST_LENGTH]; - char *str=NULL; - char *hkey=NULL,*hiv=NULL; + unsigned char salt[PKCS5_SALT_LEN]; + char *str=NULL, *passarg = NULL, *pass = NULL; + char *hkey=NULL,*hiv=NULL,*hsalt = NULL; int enc=1,printkey=0,i,base64=0; - int debug=0,olb64=0; + int debug=0,olb64=0,nosalt=0; const EVP_CIPHER *cipher=NULL,*c; char *inf=NULL,*outf=NULL; BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; #define PROG_NAME_SIZE 16 - char pname[PROG_NAME_SIZE]; + char pname[PROG_NAME_SIZE]; apps_startup(); @@ -103,7 +109,7 @@ int MAIN(int argc, char **argv) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); /* first check the program name */ - program_name(argv[0],pname,PROG_NAME_SIZE); + program_name(argv[0],pname,PROG_NAME_SIZE); if (strcmp(pname,"base64") == 0) base64=1; @@ -130,14 +136,22 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outf= *(++argv); } + else if (strcmp(*argv,"-pass") == 0) + { + if (--argc < 1) goto bad; + passarg= *(++argv); + } else if (strcmp(*argv,"-d") == 0) enc=0; else if (strcmp(*argv,"-p") == 0) printkey=1; else if (strcmp(*argv,"-v") == 0) verbose=1; - else if ((strcmp(*argv,"-debug") == 0) || - (strcmp(*argv,"-d") == 0)) + else if (strcmp(*argv,"-salt") == 0) + nosalt=0; + else if (strcmp(*argv,"-nosalt") == 0) + nosalt=1; + else if (strcmp(*argv,"-debug") == 0) debug=1; else if (strcmp(*argv,"-P") == 0) printkey=2; @@ -194,6 +208,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; hkey= *(++argv); } + else if (strcmp(*argv,"-S") == 0) + { + if (--argc < 1) goto bad; + hsalt= *(++argv); + } else if (strcmp(*argv,"-iv") == 0) { if (--argc < 1) goto bad; @@ -212,7 +231,8 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"options are\n"); BIO_printf(bio_err,"%-14s input file\n","-in "); - BIO_printf(bio_err,"%-14s output fileencrypt\n","-out "); + BIO_printf(bio_err,"%-14s output file\n","-out "); + BIO_printf(bio_err,"%-14s pass phrase source\n","-pass "); BIO_printf(bio_err,"%-14s encrypt\n","-e"); BIO_printf(bio_err,"%-14s decrypt\n","-d"); BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); @@ -233,7 +253,7 @@ bad: BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n"); #endif #ifndef NO_BF - BIO_printf(bio_err,"bf :128 bit key BlowFish encryption\n"); + BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n"); #endif #ifndef NO_RC4 BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n", @@ -276,13 +296,13 @@ bad: LN_bf_cfb64, LN_bf_ofb64); BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc); #endif -#ifndef NO_BF +#ifndef NO_CAST BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", LN_cast5_ecb, LN_cast5_cbc, LN_cast5_cfb64, LN_cast5_ofb64); BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc); #endif -#ifndef NO_BF +#ifndef NO_RC5 BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s", LN_rc5_ecb, LN_rc5_cbc, LN_rc5_cfb64, LN_rc5_ofb64); @@ -323,11 +343,11 @@ bad: if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize); } - strbuf=Malloc(SIZE); - buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize)); + strbuf=OPENSSL_malloc(SIZE); + buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize)); if ((buff == NULL) || (strbuf == NULL)) { - BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); + BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize)); goto end; } @@ -357,6 +377,14 @@ bad: } } + if(!str && passarg) { + if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + str = pass; + } + if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { for (;;) @@ -386,11 +414,83 @@ bad: } } + + if (outf == NULL) + BIO_set_fp(out,stdout,BIO_NOCLOSE); + else + { + if (BIO_write_filename(out,outf) <= 0) + { + perror(outf); + goto end; + } + } + + rbio=in; + wbio=out; + + if (base64) + { + if ((b64=BIO_new(BIO_f_base64())) == NULL) + goto end; + if (debug) + { + BIO_set_callback(b64,BIO_debug_callback); + BIO_set_callback_arg(b64,bio_err); + } + if (olb64) + BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); + if (enc) + wbio=BIO_push(b64,wbio); + else + rbio=BIO_push(b64,rbio); + } + if (cipher != NULL) { if (str != NULL) { - EVP_BytesToKey(cipher,EVP_md5(),NULL, + /* Salt handling: if encrypting generate a salt and + * write to output BIO. If decrypting read salt from + * input BIO. + */ + unsigned char *sptr; + if(nosalt) sptr = NULL; + else { + if(enc) { + if(hsalt) { + if(!set_hex(hsalt,salt,PKCS5_SALT_LEN)) { + BIO_printf(bio_err, + "invalid hex salt value\n"); + goto end; + } + } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0) + goto end; + /* If -P option then don't bother writing */ + if((printkey != 2) + && (BIO_write(wbio,magic, + sizeof magic-1) != sizeof magic-1 + || BIO_write(wbio, + (char *)salt, + PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { + BIO_printf(bio_err,"error writing output file\n"); + goto end; + } + } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf + || BIO_read(rbio, + (unsigned char *)salt, + PKCS5_SALT_LEN) != PKCS5_SALT_LEN) { + BIO_printf(bio_err,"error reading input file\n"); + goto end; + } else if(memcmp(mbuf,magic,sizeof magic-1)) { + BIO_printf(bio_err,"bad magic number\n"); + goto end; + } + + sptr = salt; + } + + EVP_BytesToKey(cipher,EVP_md5(),sptr, (unsigned char *)str, strlen(str),1,key,iv); /* zero the complete buffer or the string @@ -424,6 +524,13 @@ bad: if (printkey) { + if (!nosalt) + { + printf("salt="); + for (i=0; ikey_len > 0) { printf("key="); @@ -446,38 +553,6 @@ bad: } } - - if (outf == NULL) - BIO_set_fp(out,stdout,BIO_NOCLOSE); - else - { - if (BIO_write_filename(out,outf) <= 0) - { - perror(outf); - goto end; - } - } - - rbio=in; - wbio=out; - - if (base64) - { - if ((b64=BIO_new(BIO_f_base64())) == NULL) - goto end; - if (debug) - { - BIO_set_callback(b64,BIO_debug_callback); - BIO_set_callback_arg(b64,bio_err); - } - if (olb64) - BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); - if (enc) - wbio=BIO_push(b64,wbio); - else - rbio=BIO_push(b64,rbio); - } - /* Only encrypt/decrypt as we write the file */ if (benc != NULL) wbio=BIO_push(benc,wbio); @@ -505,12 +580,14 @@ bad: BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out)); } end: - if (strbuf != NULL) Free(strbuf); - if (buff != NULL) Free(buff); + ERR_print_errors(bio_err); + if (strbuf != NULL) OPENSSL_free(strbuf); + if (buff != NULL) OPENSSL_free(buff); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free(out); if (benc != NULL) BIO_free(benc); if (b64 != NULL) BIO_free(b64); + if(pass) OPENSSL_free(pass); EXIT(ret); }